package com.bootdo.system.shiro;

import java.util.HashMap;
import java.util.Map;
import java.util.Set;

import com.bootdo.common.config.ApplicationContextRegister;
import com.bootdo.system.domain.UserToken;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;

import com.bootdo.common.utils.ShiroUtils;
import com.bootdo.system.dao.UserDao;
import com.bootdo.system.domain.UserDO;
import com.bootdo.system.service.MenuService;
/**
 * @Description:shiro安全框架重要类UserRealm（认证、授权）
 * @auther: liuj
 * @date: 2019/6/11 19:37
 * @return:
 */
public class UserRealm extends AuthorizingRealm {
	@Autowired
	UserDao userMapper;
	/*	@Autowired
	MenuService menuService;*/

	/**
	 * @Description:授权
	 * @auther: liuj
	 * @date: 2019/6/11 19:38
	 * @return:
	 */
	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection arg0) {
		Long userId = ShiroUtils.getUserId();
		MenuService menuService = ApplicationContextRegister.getBean(MenuService.class);
		Set<String> perms = menuService.listPerms(userId);

		SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
		info.setStringPermissions(perms);
		return info;
	}

	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
		//1、获取token中的用户名
		String username = (String) authenticationToken.getPrincipal();
		//2、获取token中的密码
		String password = new String((char[]) authenticationToken.getCredentials());
		//3、根据用户名查询用户实体，验证
		UserDO user = userMapper.getUserByName(username);
		if(user == null){
			throw new UnknownAccountException("该账号不存在，请注册");
		}
		//4、密码验证
		if(!password.equals(user.getPassword())){
			throw new IncorrectCredentialsException("该账号密码不正确");
		}
		//5、其他验证
		if(user.getStatus() == 0){
			throw new LockedAccountException("该账号被锁定");
		}
		//6、验证通过后，认证SimpleAuthenticationInfo
		SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(user, password, getName());
		return info;
	}

//	/**
//	 * @Description:认证
//	 * @auther: liuj
//	 * @date: 2019/6/11 19:39
//	 * @return:
//	 */
//	@Override
//	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
//		String username = (String) token.getPrincipal();
//
//		Map<String, Object> map = new HashMap<>(16);
//		map.put("username", username);
//		String password = new String((char[]) token.getCredentials());
//		//上下文获取bean反射获取（也可以依赖注入）
//		UserDao userMapper = ApplicationContextRegister.getBean(UserDao.class);
//		// 查询用户信息
//		UserDO user = userMapper.list(map).get(0);
//
//		// 账号不存在
//		if (user == null) {
//			throw new UnknownAccountException("账号或密码不正确");
//		}
//
//		// 密码错误
//		if (!password.equals(user.getPassword())) {
//			throw new IncorrectCredentialsException("账号或密码不正确");
//		}
//
//		// 账号锁定
//		if (user.getStatus() == 0) {
//			throw new LockedAccountException("账号已被锁定,请联系管理员");
//		}
//		// 认证
//		SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(user, password, getName());
//		return info;
//	}

}
